I recently became a victim of the thor virus and my back-up was unfortunately plugged into the USB port a the time of infection and resulted in both my hard drive and back-up being exposed and encrypting all my critical data and image files to the .thor suffix. This is the first time I have ever incurred this sophisticated a virus and I have several questions.
1. What is the earliest date that anyone has experienced thor (not locky).
2. Does anyone have an idea based on passed experience when a solution to this virus might occur? One of my options is to shut down this computer and wait for a solution to un-encrypt the files, I'm looking for a timeframe if I chose this option?
3. At this point the internet is providing a multitude of suggestions and several that are contradictory as an example: remove vs don't delete the email that contained the virus, remove the virus from you computer then reload your back-up (not possible), remove the virus and use system restore (not possible the restore point has been deleted), remove the virus and use shadow explorer to restore (I've loaded shadow explorer but it doesn't seem to restore anything, last but not least remove the hard drive and send to a professional to try and recapture a previous version. Can someone provide a plan that makes sense, my biggest fear is that removing the virus or the email that contained the virus might prohibit me from paying the ransom as a last resort.
4.I have been made aware that some people have paid the ransom, I do not want to go this route but some of this data are my medical records, financial documents, and personal pictorial history of events in my life going back 25 years, I may not have a choice but to pay the ransom. My question is does anyone have experience paying the ransom? I've heard things about paying the ransom from: "it worked" to "the key sent didn't work" or even "I didn't get any response once I paid the ransom", does anyone have any experience?